diff --git a/src/authenticator.rs b/src/authenticator.rs
index 8c9d9b7f5..f54c975d3 100644
--- a/src/authenticator.rs
+++ b/src/authenticator.rs
@@ -758,6 +758,7 @@ where
             None => {
                 // Failed verification
                 self.wink_bad();
+                self.delay_on_failure();
                 return Err(Status::VerificationFailed);
             }
             Some(val) => val
@@ -837,6 +838,12 @@ where
         // TODO blink green LED for 10 seconds, highest priority
         syscall!(self.trussed.wink(Duration::from_secs(10)));
     }
+
+    fn delay_on_failure(&mut self){
+        use crate::FAILURE_FORCED_DELAY_MILLISECONDS;
+        // TODO block for the time defined in the constant
+        // DESIGN allow only a couple of failures per power cycle? Similarly to the FIDO2 PIN
+    }
 }
 
 #[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
diff --git a/src/lib.rs b/src/lib.rs
index 51ab8b294..99ce938b7 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -23,6 +23,7 @@ pub const YUBICO_OATH_AID: &[u8] = &hex!("A000000527 2101");// 01");
 
 /// This constant defines timeout for the regular UP confirmation
 pub const UP_TIMEOUT_MILLISECONDS: u32 = 15 * 1000;
+pub const FAILURE_FORCED_DELAY_MILLISECONDS: u32 = 1 * 1000;
 
 // class AID(bytes, Enum):
 //     OTP = b'\xa0\x00\x00\x05\x27 \x20\x01'